From 3105ed4f38752eafc4340dfa402cc12226107aa1 Mon Sep 17 00:00:00 2001
From: "Pablo M. Bermudo Garay" <pablombg@gmail.com>
Date: Wed, 31 Aug 2016 09:59:16 +0200
Subject: xtables-translate-restore: do not escape quotes

If quotes are escaped, nft -f is unable to parse and load the translated
ruleset.

Signed-off-by: Pablo M. Bermudo Garay <pablombg@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/xtables-translate.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'iptables/xtables-translate.c')

diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c
index 3c577ed2..689533f3 100644
--- a/iptables/xtables-translate.c
+++ b/iptables/xtables-translate.c
@@ -70,7 +70,7 @@ int xlate_action(const struct iptables_command_state *cs, bool goto_set,
 				.ip		= (const void *)&cs->fw,
 				.target		= cs->target->t,
 				.numeric	= numeric,
-				.escape_quotes	= true,
+				.escape_quotes	= !cs->restore,
 			};
 			ret = cs->target->xlate(xl, &params);
 		}
@@ -97,7 +97,7 @@ int xlate_matches(const struct iptables_command_state *cs, struct xt_xlate *xl)
 			.ip		= (const void *)&cs->fw,
 			.match		= matchp->match->m,
 			.numeric	= numeric,
-			.escape_quotes	= true,
+			.escape_quotes	= !cs->restore,
 		};
 
 		if (!matchp->match->xlate)
@@ -226,6 +226,8 @@ static int do_command_xlate(struct nft_handle *h, int argc, char *argv[],
 
 	do_parse(h, argc, argv, &p, &cs, &args);
 
+	cs.restore = restore;
+
 	if (!restore)
 		printf("nft ");
 
-- 
cgit v1.2.3